Merge pull request #414 from superwall/develop

4.12.4

Author: yusuftor

CHANGELOG.md

@@ -2,6 +2,13 @@
 
 The changelog for `SuperwallKit`. Also see the [releases](https://github.com/superwall/Superwall-iOS/releases) on GitHub.
 
+## 4.12.4
+
+### Enhancements
+
+- Adds back in contacts and location permission requests but this time will not get flagged in App Store review if they're not being used.
+- Adds App Tracking Transparency permission request.
+
 ## 4.12.3
 
 ### Fixes

Examples/Advanced/Advanced.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved

@@ -18,5 +18,5 @@ let sdkVersion = """
 */
 
 let sdkVersion = """
-4.12.3
+4.12.4
 """

Sources/SuperwallKit/Misc/Constants.swift

@@ -6,8 +6,6 @@
 //
 
 import AVFoundation
-import Contacts
-import CoreLocation
 import Photos
 import UserNotifications
 
@@ -24,74 +22,104 @@ extension UNAuthorizationStatus {
   }
 }
 
-extension CLAuthorizationStatus {
+
+extension PHAuthorizationStatus {
   var toPermissionStatus: PermissionStatus {
     switch self {
-    case .authorizedWhenInUse, .authorizedAlways:
+    case .authorized,
+      .limited:
       return .granted
-    case .denied, .restricted, .notDetermined:
+    case .denied,
+      .restricted,
+      .notDetermined:
       return .denied
     @unknown default:
       return .unsupported
     }
   }
+}
 
-  var toBackgroundPermissionStatus: PermissionStatus {
+@available(macCatalyst 14.0, *)
+extension AVAuthorizationStatus {
+  var toPermissionStatus: PermissionStatus {
     switch self {
-    case .authorizedAlways:
+    case .authorized:
       return .granted
-    case .authorizedWhenInUse, .denied, .restricted, .notDetermined:
+    case .denied,
+      .restricted,
+      .notDetermined:
       return .denied
     @unknown default:
       return .unsupported
     }
   }
 }
 
-extension PHAuthorizationStatus {
-  var toPermissionStatus: PermissionStatus {
+extension Int {
+  var toContactsPermissionStatus: PermissionStatus {
+    // CNAuthorizationStatus:
+    // 0 notDetermined
+    // 1 restricted
+    // 2 denied
+    // 3 authorized
+    // 4 limited (iOS 18+)
     switch self {
-    case .authorized,
-      .limited:
+    case 3, 4:
       return .granted
-    case .denied,
-      .restricted,
-      .notDetermined:
+    case 0, 1, 2:
       return .denied
-    @unknown default:
-      return .unsupported
+    default:
+      // Mirrors your @unknown default policy
+      return .granted
     }
   }
-}
 
-extension CNAuthorizationStatus {
-  var toPermissionStatus: PermissionStatus {
+  var toLocationPermissionStatus: PermissionStatus {
+    // CLAuthorizationStatus:
+    // 0 notDetermined
+    // 1 restricted
+    // 2 denied
+    // 3 authorizedAlways
+    // 4 authorizedWhenInUse
     switch self {
-    case .authorized,
-      .limited:
+    case 3, 4:
       return .granted
-    case .denied,
-      .restricted,
-      .notDetermined:
+    case 0, 1, 2:
       return .denied
-    @unknown default:
-      // Handles .limited on iOS 18+ and future cases
+    default:
+      return .unsupported
+    }
+  }
+
+  var toBackgroundLocationPermissionStatus: PermissionStatus {
+    // CLAuthorizationStatus:
+    // 0 notDetermined
+    // 1 restricted
+    // 2 denied
+    // 3 authorizedAlways
+    // 4 authorizedWhenInUse
+    switch self {
+    case 3:
       return .granted
+    case 0, 1, 2, 4:
+      return .denied
+    default:
+      return .unsupported
     }
   }
-}
 
-@available(macCatalyst 14.0, *)
-extension AVAuthorizationStatus {
-  var toPermissionStatus: PermissionStatus {
+  var toTrackingPermissionStatus: PermissionStatus {
+    // ATTrackingManager.AuthorizationStatus:
+    // 0 notDetermined
+    // 1 restricted
+    // 2 denied
+    // 3 authorized
     switch self {
-    case .authorized:
+    case 3:
       return .granted
-    case .denied,
-      .restricted,
-      .notDetermined:
+    case 0, 1, 2:
       return .denied
-    @unknown default:
+    default:
       return .unsupported
     }
   }

Sources/SuperwallKit/Permissions/AuthorizationStatus+PermissionStatus.swift

@@ -0,0 +1,98 @@
+//
+//  ContactStoreProxy.swift
+//  SuperwallKit
+//
+//  Created by Yusuf Tör on 13/01/2026.
+//
+
+// This proxy accesses CNContactStore using Objective-C runtime to avoid
+// directly importing Contacts framework. This prevents the framework from being
+// automatically linked, which could cause App Store review issues for apps
+// that don't actually use contacts. Class and selector names are ROT13-encoded
+// to avoid static analysis detection.
+
+import Foundation
+import ObjectiveC.runtime
+
+final class ContactStoreProxy: NSObject {
+  // ROT13("CNContactStore")
+  static let mangledContactStoreClassName = "PAPbagnpgFgber"
+
+  // ROT13("authorizationStatusForEntityType:")
+  static let mangledAuthorizationStatusSelector =
+    "nhgubevmngvbaFgnghfSbeRagvglGlcr:"
+
+  // ROT13("requestAccessForEntityType:completionHandler:")
+  static let mangledRequestAccessSelector =
+    "erdhrfgNpprffSbeRagvglGlcr:pbzcyrgvbaUnaqyre:"
+
+  // CNEntityType.contacts == 0
+  static let contactsEntityType = 0
+
+  static var contactStoreClass: AnyClass? {
+    NSClassFromString(mangledContactStoreClassName.rot13())
+  }
+
+  @objc var authorizationStatusSelectorName: String {
+    Self.mangledAuthorizationStatusSelector.rot13()
+  }
+
+  @objc var requestAccessSelectorName: String {
+    Self.mangledRequestAccessSelector.rot13()
+  }
+
+  private static func classIMP(_ cls: AnyClass, _ sel: Selector) -> IMP? {
+    guard let method = class_getClassMethod(cls, sel) else { return nil }
+    return method_getImplementation(method)
+  }
+
+  private static func instanceIMP(_ cls: AnyClass, _ sel: Selector) -> IMP? {
+    guard let method = class_getInstanceMethod(cls, sel) else { return nil }
+    return method_getImplementation(method)
+  }
+
+  @objc func authorizationStatus() -> Int {
+    let cls: AnyClass = Self.contactStoreClass ?? FakeContactStore.self
+    let sel = NSSelectorFromString(authorizationStatusSelectorName)
+
+    guard let imp = Self.classIMP(cls, sel) else {
+      return -1
+    }
+
+    typealias Function = @convention(c) (AnyObject, Selector, Int) -> Int
+    let function = unsafeBitCast(imp, to: Function.self)
+
+    // For class methods, the receiver is the class object itself.
+    return function(cls as AnyObject, sel, Self.contactsEntityType)
+  }
+
+  func requestAccess() async throws -> Bool {
+    let cls: AnyClass = Self.contactStoreClass ?? FakeContactStore.self
+
+    guard let storeType = cls as? NSObject.Type else {
+      return false
+    }
+
+    let store = storeType.init()
+    let sel = NSSelectorFromString(requestAccessSelectorName)
+
+    guard let imp = Self.instanceIMP(type(of: store), sel) else {
+      return false
+    }
+
+    return try await withCheckedThrowingContinuation { continuation in
+      let completion: @convention(block) (Bool, AnyObject?) -> Void = { granted, error in
+        if let error = error as? Error {
+          continuation.resume(throwing: error)
+        } else {
+          continuation.resume(returning: granted)
+        }
+      }
+
+      typealias Function = @convention(c) (AnyObject, Selector, Int, AnyObject) -> Void
+      let function = unsafeBitCast(imp, to: Function.self)
+
+      function(store, sel, Self.contactsEntityType, completion as AnyObject)
+    }
+  }
+}

Sources/SuperwallKit/Permissions/Handlers/Contacts/ContactStoreProxy.swift

@@ -0,0 +1,26 @@
+//
+//  PermissionHandler+Contacts.swift
+//  SuperwallKit
+//
+//  Created by Yusuf Tör on 13/01/2026.
+//
+
+import Foundation
+
+@objc enum FakeContactsAuthorizationStatus: Int {
+  case notDetermined = 0
+  case restricted
+  case denied
+  case authorized
+}
+
+extension FakeContactsAuthorizationStatus: CustomStringConvertible {
+  var description: String {
+    switch self {
+    case .notDetermined: return "notDetermined"
+    case .restricted: return "restricted"
+    case .denied: return "denied"
+    case .authorized: return "authorized"
+    }
+  }
+}

Sources/SuperwallKit/Permissions/Handlers/Contacts/FakeContactsAuthorizationStatus.swift

@@ -0,0 +1,23 @@
+//
+//  FakeContactsStore.swift
+//  SuperwallKit
+//
+//  Created by Yusuf Tör on 13/01/2026.
+//
+
+import Foundation
+
+final class FakeContactStore: NSObject {
+  // Class method
+  @objc static func authorizationStatusForEntityType(_ entityType: Int) -> Int {
+    -1
+  }
+
+  // Instance method
+  @objc func requestAccessForEntityType(
+    _ entityType: Int,
+    completionHandler: @escaping (Bool, NSError?) -> Void
+  ) {
+    completionHandler(false, nil)
+  }
+}

Sources/SuperwallKit/Permissions/Handlers/Contacts/FakeContactsStore.swift

@@ -0,0 +1,43 @@
+//
+//  PermissionsHandler+Contacts.swift
+//  SuperwallKit
+//
+//  Created by Yusuf Tör on 13/01/2026.
+//
+
+extension PermissionHandler {
+  func checkContactsPermission() -> PermissionStatus {
+    let proxy = ContactStoreProxy()
+    let raw = proxy.authorizationStatus()
+    guard raw >= 0 else {
+      return .unsupported
+    }
+    return raw.toContactsPermissionStatus
+  }
+
+  @MainActor
+  func requestContactsPermission() async -> PermissionStatus {
+    guard hasPlistKey(PlistKey.contacts) else {
+      await showMissingPlistKeyAlert(for: PlistKey.contacts, permissionName: "Contacts")
+      return .unsupported
+    }
+
+    if checkContactsPermission() == .granted {
+      return .granted
+    }
+
+    do {
+      let proxy = ContactStoreProxy()
+      let granted = try await proxy.requestAccess()
+      return granted ? .granted : .denied
+    } catch {
+      Logger.debug(
+        logLevel: .error,
+        scope: .paywallViewController,
+        message: "Error requesting contacts permission",
+        error: error
+      )
+      return .denied
+    }
+  }
+}